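/// <summary>
        /// Authorization filter entry point. Actions or controllers marked with
        /// <see cref="AllowAnonymousAttribute"/> pass through; every other request must have a
        /// current user established by SetPrincipal, otherwise the pipeline is short-circuited
        /// with an ApiResult error body.
        /// </summary>
        /// <param name="context">Authorization filter context of the current request.</param>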
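        public Task OnAuthorizationAsync(AuthorizationFilterContext context)
        {
            // Authentication gate: endpoints marked [AllowAnonymous] pass straight through;
            // everything else must yield a current user from SetPrincipal, otherwise the
            // request is short-circuited with an ApiResult error body.

            // Pattern-match instead of hard-casting: a non-controller descriptor (for example
            // a Razor Page) used to raise InvalidCastException here. Such actions now fall
            // through to the login check, so they fail closed instead of failing with a 500.
            // NOTE(review): only attributes visible through reflection on the action method and
            // controller type are honoured; anonymous access granted any other way is not seen
            // here and will be treated as "login required".
            var allowAnonymous =
                context.ActionDescriptor is ControllerActionDescriptor action &&
                (action.MethodInfo.IsDefined(typeof(AllowAnonymousAttribute)) ||
                 action.ControllerTypeInfo.IsDefined(typeof(AllowAnonymousAttribute)));

            if (allowAnonymous)
            {
                return Task.CompletedTask;
            }

            // Establish the current logged-in user; the result says whether that succeeded.
            var user = SetPrincipal(context);

            if (!user)
            {
                // Resolved only on the failure path, the one place the localized text is needed.
                var requestLocalizer = context.HttpContext.RequestServices
                    .GetRequiredService<IStringLocalizer<Request>>();

                // 203 is the body-level code this API uses for "not logged in". Whether it also
                // becomes the HTTP status is decided inside SetResponseStatusCode (not shown).
                // NOTE(review): 203 is a 2xx code in HTTP; if it is emitted as the HTTP status,
                // generic clients and proxies will read an authentication failure as success.
                var content = new ApiResult<string>
                {
                    Status = 203,
                    Msg    = requestLocalizer["No login or login timeout"]
                };

                ResponseStatusCode.SetResponseStatusCode(content, context.HttpContext.Response);

                // Do not write the response body here. Setting Result stops the remaining
                // filters and the action from running: the framework sees a non-null Result,
                // executes it and writes the response itself. Writing the stream directly would
                // let the request reach the controller, whose own result would then throw
                // because the response is written a second time.
                context.Result = new ObjectResult(content);
            }

            return Task.CompletedTask;
        }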
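        /// <summary>Rejects a request that lacks permission by setting a "No permission" result on the filter context.</summary>
        /// <param name="filterContext">Authorization filter context of the request being rejected.</param>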
        protected void HandleUnauthorizedRequest(AuthorizationFilterContext filterContext)
        {
            // Builds the "no permission" error body and short-circuits the filter pipeline with it.
            // NOTE(review): the text describes an authorization failure, for which HTTP uses 403;
            // 401 means missing or invalid credentials. Confirm what clients rely on before
            // changing the code, since it is part of the API's response contract.
            var denied = new ApiResult<String>();
            denied.Status = 401;
            denied.Msg = "No permission";

            var response = filterContext.HttpContext.Response;
            ResponseStatusCode.SetResponseStatusCode(denied, response);

            // Set Result rather than writing to the response: a non-null Result stops the
            // remaining filters and the action, and the framework writes the response when it
            // executes the result. Writing the stream here would let the controller run and
            // throw when its own result writes the response a second time.
            filterContext.Result = new ObjectResult(denied);
        }
예제 #3
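        /// <summary>
        /// Runs the rest of the request pipeline and converts an unhandled exception into a
        /// JSON ApiResult response. If the response has already started, the exception is
        /// logged and rethrown instead.
        /// </summary>
        /// <param name="context">HTTP context of the current request.</param>
        /// <returns>A task that completes when the pipeline, or the error response, has finished.</returns>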
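        public async Task InvokeAsync(HttpContext context)
        {
            // Exception boundary for the pipeline: run the next middleware and, if it throws,
            // log the exception and answer with a JSON ApiResult instead of a bare failure.
            try
            {
                await _next(context);
            }
            catch (Exception e)
            {
                // Record the exception in the system log before deciding what the client sees.
                XTrace.WriteException(e);

                // Once the response has started, status and headers can no longer be changed
                // and writing a body here would throw as well, so propagate the original.
                if (context.Response.HasStarted)
                {
                    throw;
                }

                var data = new ApiResult<String>();

                if (e is ApiException apiexc)
                {
                    // ApiException carries a status and message meant for the caller.
                    data.Status = apiexc.Status;
                    data.Msg = apiexc.Message;
                }
                else
                {
                    // NOTE(review): the raw message of an unexpected exception goes to the
                    // client verbatim. Such messages can carry internal detail (query text,
                    // file paths, type names). The full exception is already logged above, so
                    // consider returning a fixed generic message here outside development.
                    data.Msg = e.Message;
                    data.Status = ResponseStatusCode.GetStatusCode(500);
                }

                // Same call on both paths: applies the status from the result to the response.
                ResponseStatusCode.SetResponseStatusCode(data, context.Response);

                // Assign the content type instead of Headers.Add: Add throws when downstream
                // code already set Content-Type before failing, which would turn the error
                // handler itself into a second unhandled exception.
                context.Response.ContentType = "application/json;charset=utf-8";
                await context.Response.WriteAsync(JsonConvert.SerializeObject(data), Encoding.UTF8);
            }
        }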